My last post was a real teaser according to some. I have to admit that was my intention; however, I meant what I said. The conventional way of looking at passwords is completely wrong. And it is wrong for one very big and completely overlooked reason. Follow these next three posts and you’ll see exactly what I mean. What follows is three articles I wrote for my Security Corner blog. They have gained real traction on the ‘net.
Break out your pet’s name, your children’s names, your spouse’s name or any other easy-to-remember words or phrases that I–and every other security wonk–have been telling you never to use. Apparently, we’ve been giving you some information that isn’t as valid as we thought. In fact, depending on how you look at it, we may have been completely wrong about some of the things we insisted you do or not do. Don’t misunderstand: what we told you worked, and the information would have resulted in greater security; it was just too darned complex. Because of that, many people just didn’t make the extra effort.

There has been a sea change in the password paradigm–Article continued here

  1. OMG I thought it was just me gettin old and impatient. Seems like back in the day when you wanted to download something, the biggest icon on the page was your download link; now it’s always some registry fix or driver updater program. There’s nothing wrong with my registry! Just gimme my file…

  2. The web has been degrading for a few years now. I no longer spend much time surfing anymore; it’s become a real PITA. Most web sites only exist to harvest email addresses they can then sell. Far too many bury info in such a way that you have to click on many links to get to it thereby increasing their click numbers and generating more revenue. The web is becoming as pathetic as the humans who manage it. Not surprising when you think of it.

  3. One of the big hindrances that I come across is that many websites are restrictive in either password length or characters used. I have just changed a password and was only allowed to use 8 characters. Although secure enough for general guessing, it isn’t long enough, in spite of using several symbols. Web sites need to get on board too.

  4. The sending and receiving MAC addresses of packets change from device to device; only the sending IP and receiving IP remain the same. Your idea would work if the originating MAC address was preserved in the header somehow.

    1. When I connect to a website, my IP address cannot be guaranteed to be the same as the last time. The MAC address is unique to my device (PC). The MAC address can be interrogated through the current login IP address, so the host could know the never-changing device MAC address. Once I’m logged on, the IP address is fine for communicating as it does now. The only question needing an answer when I log in is “Is this the same user on the same PC?”

  5. Website passwords have become a real PITA. Clever web page programmers have made it impossible to save my login ID and password on my home PC or made 2-page logins so that password programs can’t insert my passwords either. I’ve got to keep a spreadsheet of the 50+ website logins and passwords. Some sites remember your IP address to keep secret answers from needing to be entered at every login. This is really dumb, as most people don’t have a dedicated IP address. The least they could do is remember the MAC address.

